Internet protocol (IP) numbers

Quick links

Updates

The Internet Society has released the ‘State of IPv6 Deployment 2018’ report, which looks at the progress made in the deployment of Internet Protocol version 6 (IPv6) across countries, networks, and service providers around the world. Over 25% of all Internet-connected networks advertise IPv6 connectivity, and the top 10 countries using the new protocol include Belgium, Greece, Germany, the USA, Uruguay, India, Switzerland, Japan, Malaysia, and Brazil. Cited Google statistics reveal that 49 countries deliver more than 5% of their traffic over IPv6, and that there are 24 countries whose IPv6 traffic exceeds 15%. Among Alexa's top 1000 global websites, 28% are accessible via IPv6 (an increase from 23% in 2017). Among the existing 1543 top-level domains, 98.4% have an IPv6 name server addressed and can be accessed using either IPv4 or IPv6. The report notes that more work is needed to drive IPv6 deployment in many countries and that numerous networks have IPv6 on their backbone, but not provided to their end-users. It also argues that 'increasingly, IPv4 is an unnecessary cost and a speculative asset'.

The US Department of Commerce and the Department of Homeland Security have released a draft report on 'Enhancing the Resilience of the Internet and Communications Ecosystem Against Botnets and Other Automated, Distributed Threats'. The report comes in response to President Trump's Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure (from May 2017). It looks at challenges and opportunities in reducing the botnet threats that 'capitalise on the sheer number of Internet of Things devices', with goals related to a more secure technology marketplace, innovations in network infrastructure and applications, coalitions among security and technical communities on national and international level, and awareness and education. It outlines several recommendations, such as: establish broadly accepted baseline security profiles for IoT devices in home and industrial applications, and promote international adoption through bilateral arrangements and the use of international standards including IPv6 implementation; more efforts from the industry to develop innovative solutions for preventing and mitigating distributed threats; collaboration between government and industry to ensure existing best practices, frameworks, and guidelines relevant to IoT are more widely adopted; and promoting the international adoption of best practices and relevant tools through bilateral and multilateral international engagement efforts. The report is open for public comment until mid February 2018.

A study conducted by a team of researchers at the University of Carolina San Diego, Saarland University, and University of Twente has revealed that one third of all IPv4 address space estimated to be in use have been affected by at least one denial-of-service (DoS) attack over the past two years. The researchers based their study on data from four global Internet measurement sources: backscatter traffic to a large network telescope; logs from amplification honeypots; a Domain Name System (DNS) measurement platform covering 60% of the current namespace; and a DNS-based data set focusing on DDoS Protection Services (DPS) adoption. Other main findings of the report: often targets are simultaneously hit by different types of attack; web servers were the most prominent DoS attack target; and an average of 3% of domain names registered in .com, .net, and .org were involved in DoS attacks daily; the most commonly targeted countries were the USA, China, Russia, France, and Germany.

Following news that the US Department of Justice (DoJ) had requested a hosting company (DreamHost) to provide the IP addresses of visitors to a website used to organise anti-Trump inauguration protests, the DoJ has modified and narrowed down its initial request for information from the company. In a reply to the court, the DoJ explains that, at the time of the initial request, it was not aware of several details regarding the website and extent of visitor data maintained by DreamHost, and that it ‘has no interest in records related to the 1.3 million IP addresses that are mentioned in DreamHost’s numerous press releases and opposition brief’. In the light of this new information, the DoJ modified its request to state, among others, that: ‘DreamHost should not disclose records that constitute HTTP request and error logs’. In reaction, the hosting company said that, now, ‘visitors’ IP addresses are largely safe’, but that it goes ahead with its filling against the request, as ‘there are still a few issues we consider to be problematic’.

Internet Protocol numbers (IP numbers) are unique numeric addresses that all devices connected to the Internet must have. Generally speaking, two devices connected to the Internet cannot have the same IP number.

The five RIRs coordinate their activities within the Number Resource Organization (NRO), which, among others, contributes to the development of global IP number policies (especially within the ICANN, where it acts as the Address Supporting Organization (ASO), tasked with reviewing and developing recommendations on IP address policy, and advising the ICANN Board in this regard). RIRs distribute IP numbers to the local Internet registries (LIRs) and national Internet registries (RIRs),which in turn distribute IP numbers to smaller ISPs, companies, and individuals further down the ladder.

IP numbers and the transition to IPv6

The pool of IP numbers under IPv4, which was introduced in 1983, contains some four billion numbers, which were initially thought to be sufficient to satisfy the demand for addresses. However, in February 2011, IANA announced that it no longer had blocks of IPv4 available for allocation to RIRs. At regional level, four of the five RIRs have also exhausted their initial pools of IPv4 addresses: APNIC in 2011, RIPE NCC in 2012, LACNIC in 2014, and ARIN in 2015.

The depletion of IPv4 numbers has been accelerated, in recent years, through the introduction Internet-enabled devices (such as mobile phones, personal organisers, game consoles, and home appliances) and the rise of worldwide Internet connectivity. The developments in the area of the Internet of Things (IoT) also led to an increase in the demand for IP addresses. The concern that IP numbers might run out and eventually inhibit the further development of the Internet has led the technical community to take three major actions:

Rationalise the use of the existing pool of IP numbers through the introduction of Network Address Translation (NAT).

Address the wasteful address allocation algorithms used by the RIRs by introducing Classless Inter-Domain Routing (CIDR).

Introduce a new version of the TCP/IP protocol – IPv6 – which provides a much bigger pool of IP numbers (over 340,000,000,000,000,000,000).

While both NAT and CIDR provided a quick fix for the problem of shortage of IP numbers, a more proper long-term solution is the transition to IPv6.

Although IPv6 was introduced back in 1996, its deployment has been rather slow, mainly due to lack of awareness about the need for transition, as well as limited funds for investment in new equipment in developing countries. Extended measurements of the Internet, performed by groups such as APNIC Labs, revealed that the global average level of IPv6 deployment was at around 7% at the end of 2016. Statistics also show significant differences between the degree of IPv6 deployment at national level. For example, Akamai data for December 2016 reveal that, while some countries IPv6 deployment rates at over 25% (e.g. Belgium, Greece, Switzerland, and the USA), others have not yet started implementing IPv6.

There are concerns that the slow transition to IPv6 can lead to a technical fragmentation of the Internet, into two-parallel internets – one IPv4 enabled and one IPv6 enabled – which can hardly interact with one another. Concerned about such risks, the Internet Architecture Board (IAB) issued a statement in 2016 advising standards developing organisations to ensure that the networking standards they develop support IPv6 and are so written that they do not require IPv4.

While Internet technologies and standards allow some degree of coexistence between IPv4 and IPv6, mechanisms need to be implemented to ensure that IPv4 and IPv6 networks can properly communicate with each other, and they do not function as islands. The Internet Engineering Task Force has developed several specifications in this regard, outlining transition strategies, tools, and mechanisms.

Apart from the problem of transition, the policy framework for IPv6 distribution will require a proper distribution of IP numbers, demanding the introduction of open and competitive mechanisms to address the needs of end-users in the most optimal way. Even with the introduction of IPv6, an ‘artificial’ scarcity of IP numbers could still arise, if those responsible for allocating them at local level, such as ISPs, choose to abuse their power and link such allocation to, for example, the purchase of other services, thus affecting the availability and price of IP numbers.

The ongoing transition from IPv4 to IPv6 is a process that requires attention and involvement from a wide range of stakeholders. Technical organisations such as IANA, the RIRs, and the IETF need to ensure an efficient and effective administration of IPv6 resources, and to develop the necessary standards and specifications for the use of IPv6. ISPs have to both implement techniques that ensure communication between IPv4 and IPv6, and introduce IPv6 in their networks and services. Producers of equipments (operating systems, network equipment, etc) and applications (business software, smart cards, etc) need to ensure that their products and applications are compatible with IPv6. And providers of information society services have to implement IPv6 within their servers.

Changes in TCP/IP and cybersecurity

Security was not a major issue for the original developers of the Internet, as, at that time, the Internet consisted of a closed network of research institutions. With the expansion of the Internet to three billion users worldwide and its growing importance as a critical infrastructure, the question of security is high up on the list of Internet governance issues.

Unlike IPv4, IP security support (IPSec) is a required feature in IPv6, allowing authentication, encryption, and enhanced data integrity and confidentiality. However, despite these security enhancements, IPv6 raises new concerns, as poor implementation and misconfiguration can lead to security problems. In addition, there are concerns that IPv6 addresses could represent a risks for individual privacy, as every device connected to the Internet will have a unique identifier. One way to address such risks would be to have IP addresses assigned dynamically and changed occasionally.

Changes in TCP/IP and the problem of limited bandwidth

To facilitate the delivery of multimedia content (e.g. Internet telephony, or video on demand), it is necessary to provide a quality of service (QoS) capable of guaranteeing a minimum level of performance. QoS is particularly important in delay-sensitive applications, such as live event broadcasting, and is often difficult to achieve due to bandwidth constraints. The introduction of QoS may require changes in the IP, including a potential challenge for the principle of network neutrality.

Given the continuous evolution of network technologies, and the challenges underlined above, organisations in the technical community have started looking into the possibility of developing a next generation of Internet protocols, that would be better suited to the realities of the evolving technical landscape. As an example, in early 2016, the European Telecommunications Standard Institute (ETSI) established a working group tasked with ‘identifying the requirements for next generation protocols and network architectures’; the group is expected to analyse issues such as: addressing, security and authentication, requirements from the Internet of Things, requirements from video and content distribution, and requirements from e-commerce.

Instruments

Resolutions & Declarations

Internet Protocol (IP) networks are generally described as networks of devices that use Internet Protocol as their communication protocol. IP networks are implemented in Internet networks, local area networks (LAN), and enterprise networks. The continuous evolution and increasing use of IP networks brings into discussion a number of challenges such as: interoperability with other telecommunication networks, quality of service, security, migration to next generation networks, etc.

Resolution 101 also makes reference to the concept of Internet governance, with the ITU Plenipotentiary Conference asking the ITU to explore ways for greater collaboration with relevant organisations involved in the development of IP-based networks and the future Internet, ‘in order to increase the role of ITU in Internet governance’. It also resolves that the ITU ‘shall clearly identify [...] the range of Internet-related issues that fall within the responsibility incumbent on the Union’. On the basis of this and other resolutions addressing the role of the ITU in Internet-related issues, the ITU Council adopted, in 2009, Resolution 1305, which invites member states to ‘recognize the scope of work of ITU on international Internet-related public policy matters’, and contains an annex listing such matters (like multilingualism, international Internet connectivity, security, cybercrime, spam, privacy, etc.). A Working Group on International Internet-related Public Policy Issues was also created within the ITU, with the task to ‘Identify, study and develop matters related to international Internet-related public policy issues, and including those issues identified in Council Resolution 1305 (2009)’.

The role of governments and intergovernmental organisations with regard to public policy issues pertaining to the Internet have for long been on the agenda of Internet governance discussions. At the World Summit on the Information Society (2003-2005), such discussions were reflected in the final documents, with the Tunis Agenda addressing the issue directly by noting that ‘policy authority for Internet-related public policy issues is the sovereign rights of States. They have rights and responsibilities for international Internet-related public policy issues’ and that ‘intergovernmental organizations have had, and should continue to have, a facilitating role in the coordination of Internet-related public policy issue’.

Similar discussions have also been held within the framework of the International Telecommunication Union, and resulted in several documents and initiatives addressing the role and responsibilities of governments, and more specifically, of the ITU, in Internet public policy related matters. One example is the Resolution 102 - ‘ITU’s role with regard to international public policy issues pertaining to the Internet and the management of Internet resources, including domain names and addresses’, initially adopted in 1998 and lastly revised in 2014. While recognising the important role of the private sector in the expansion and development of the Internet, the resolution outlines the fact that ‘all governments should have an equal role and responsibility for international Internet governance and for ensuring the stability, security and continuity of the existing Internet and its future development’. It is further explaines that the role of governments includes the provision of a suitable legal framework that promotes the interoperability and wide accessibility of global ICT networks and Internet networks.

With regard to the management of the Internet critical resources (domain names and addresses), it is noted that this needs to be reflective of the geographical nature of the Internet, and take into account ‘an equitable balance of interests of all stakeholders’. The need to respect of the sovereign and legitimate interest of countries regarding decisions affecting their country code top level domains (ccTLDs) is also emphasised.

The resolution asks the ITU to continue its activities on international Internet related public policy issues within its mandate, as well its involvement in international discussions and initiatives related to the management of Internet domain names and addresses, and other Internet resources. It also calls for a continuation of the work of the ITU Council Working Group on international Internet-related public policy issues (CWG Internet) - an intergovernmental group created on the basis of the Resolution 72 (2012) with the main aim to identify, study and develop matters related to international Internet-related public policy issues.

On the basis of these and other resolutions, the ITU and its various bodies have continued to be active on matters related to the Internet, including through: standardisation work in areas such as Internet protocol-based networks and IPv6; a continuous activity of the CWG Internet (which, among others, started work on an online repository of experiences and best practices in international Internet-related public policy issues, as submitted by member states and other stakeholders); and initiatives aimed at facilitating access to and use of the Internet in developing countries.

When IPv4 was introduced, back in 1983, it was thought that the four billion IP numbers available would be enough to satisfy the demand. But this proved to be wrong, as the rise of worldwide Internet connectivity and the developments in the areas of Internet-enabled devices and the Internet of Things lead to a significant increase in the demand for IP addresses and to a process of depletion of IPv4 numbers.

To respond to these challenges, a new version of the TCP/IP protocol was developed - the IPv6, which provides a much bigger pool of IP numbers. However, the deployment of IPv6 is a rather slow process, because of multiple reasons such as: lack of awareness, limited funds available for investments in developing countries, and lack of compatibility between IPv4 and IPv6.

The ongoing transition to IPv6 is a process that has attracted attention and involvement from a wide range of stakeholders. Members states of the International Telecommunication Union (ITU) have also discussed about this issue, and, at the ITU plenipotentiary meeting in 2010, they adopted a resolution on ‘Facilitating the transition for IPv4 to IPv6’. This was later amended at the 2014 ITU plenipotentiary meeting in Busan.

The amended resolution emphasises the need to accelerate the transition from IPv4 to IPv6, and notes that the involvement of all stakeholders is essential for the success of this process. It underlines the importance of awareness raising and capacity building initiatives, and of exchanges of experience and information related to the deployment of IPv6, and calls for a closer cooperation in this area between ITU and other stakeholders such as the regional Internet registries and the Internet Engineering Task Force (IETF). The ITU is also called to support member states which require assistance in the management and allocation of IPv6 resources, and, as part of this process, to monitor the allocation mechanisms, identify possible flaws and make proposals for changes to existing policies.

Member states are invited to support and promote IPv6-related capacity building initiatives at a national and regional level, to develop national policies aimed at ensuring that the communications infrastructures and applications used for public services are IPv6 compatible, and to encourage manufactures and information service providers to supply equipment and services that support IPv6.

The amended resolution was part of the final acts of the Busan plenipotentiary meeting, and it was signed by 150 ITU member states.

Signatory states mandated the ITU Secretary-General to prepare progress reports on the implementation of the resolution and submit them to the ITU member states and the Internet community.

Publications

The latest edition of glossary, compiled by DiploFoundation, contains explanations of over 130 acronyms, initialisms, and abbreviations used in IG parlance. In addition to the complete term, most entries include a concise explanation and a link for further information.

The book, now in its sixth edition, provides a comprehensive overview of the main issues and actors in the field of Internet governance and digital policy through a practical framework for analysis, discussion, and resolution of significant issues. It has been translated into many languages.

Papers

The paper outlines three possible forms of Internet fragmentation: technical fragmentation (infrastructure), governmental fragmentation (government policies constraining access to and use of the Internet) and commercial fragmentation (business actions that prevent access to and use of the Internet). Some of the identified 'top 10' cases of fragmentation are: failure to move to IPv6, blocking new gTLDs, filtering content, digital protectionism, prohibition on transborder data movement, and cybersovereignty.

The study reviews the economic rationale for IP allocation policies. It analyses, among others, the techno-economic characteristics of IP addresses and their interaction with routing, and outlines key questions about scarcity, routing and allocation policy.

Reports

The report, prepared by the Global Commission on Internet Governance, outlines a series of recommendations to policy makers, private industry, the technical community and other stakeholders on modalities for maintaining a ‘healthy Internet’. It tackles aspects such as: the promotion of a safe, open and secure Internet, human rights for digital citizens, the responsibilities of the private sector, safeguarding the stability and resiliency of the Internet’s core infrastructure, and improving multistakeholder Internet governance.

GIP event reports

This educational track provided basic training on how the Domain Name System (DNS) works, by explaining who governs it and how it operates, and why it is important for the wider debates in the Internet governance ecosystem.

The session was led by Mr Peter Van Roste (General Manager at the Council of European National Top-Level Domain Registries, (CENTR)) and Ms Alexandrine Gauvin (Communications Manager, CENTR).

Gauvin introduced CENTR as a forum for information exchange and dialogue among the country code top-level domain name (ccTLD) registries in Europe. Education and raising awareness about the DNS are important aspects of CENTR's work. She began the session by noting that the Internet is governed by the multistakeholder approach which gathers input from businesses, civil society, governments, research institutions, and non-governmental organisations.

Van Roste started off by explaining how data traffic travels along the network. Every device has an Internet Protocol (IP) address which is assigned to the it. The Public Technical Identifiers (PTI), which is part of the Internet Corporation for Assigned Names and Numbers (ICANN), manages the IP addresses globally, and allocates address pools to Regional Internet Registries (RIRs). The regional address pool in Europe is coordinated by the RIPE Network Coordination Centre (RIPE NCC). Van Roste further explained the difference between a static IP and a dynamic one (every device gets a new IP address when it connects to the network). He also noted the different IP versions now in use: IP version 4 (IPv4) and IP version 6 (IPv6). Since there is only a scarce number of IP addresses that can be assigned, the newer version provides for more combinations and thus for more devices to be online. However, the older IPv4 is still more used globally than the IPv6.

Van Roste further explained the concept of top-level domains (TLDs) and the two main types: ccTLDs, such as .de for Germany or .ge for Georgia, which are managed locally and serve local communities; Generic top-level domains (gTLDs), such as .com or .org, which are managed by registries on the basis of contracts concluded with ICANN.

Several main characteristics of the DNS were mentioned – decentralisation, hierarchy, stability, and layers. The DNS is hierarchical as it is organised in several layers that communicate with each other. For example, we have the rootzone maintainer (ex. PTI), the relevant TLD and its registry and registrars (ex. .eu and the EURid registry), and on the last level, the domain name registrant (ex. the European Commission as a domain name registrant for ec.europa.eu ).

Van Roste expressed his support for the ICANN multistakeholder model, in which every stakeholder group has a voice. Reference was made to the so-called ‘Internet Assigned Names Authority (IANA) stewardship transition’, a process that led to the creation of a multistakeholder oversight model for the PTI (as opposed to the previous model in which ICANN managed the DNS on the basis of a contract with the US government).

It was also noted that the founding fathers of the Internet established the technical layer in such a way that neither a single organisation such as ICANN, nor the multistakeholder model, would decide about country codes. When it comes to the allocation of country codes to countries or territories, ICANN follows decisions takes at the United Nations level, and does not decide itself what constitute a country or a territory.

The two last points of the education track highlighted that most users globally do not know how this vital Internet component works, since it has for the last 30 years worked seamlessly. There was also a discussion on the practice of DNS blocking as a content policy measure. For example, in case of a court order or a governmental decision to prohibit access to certain websites, Internet Service Providers (ISPs) are asked to re-direct users from the blocked websites to other webpage indicating the reason for the blocked access. This practice cannot fully stop users from finding another way to access those websites, but it can cause distrust in the DNS and Internet services. This is why DNS blocking is not a proper solution and should only be used as a last resort mechanism, it was argued. The DNS relies on the trust of the users, and Van Roste invited the audience to learn more about this core component which makes the Internet as we know it today.

The document provides a comparative overview of policies across the five Regional Internet Registries (RIRs): AFRINIC, APNIC, ARIN, LACNIC, and RIPE NCC. It includes, among others, information on policies related to the allocation and assignment of Internet Protocol Addresses (both IPv4 and IPv6) and autonomous system numbers.

The document contains a series of proposals aimed to transfer NTIA’s current stewardship role over the Internet Assigned Numbers Authority (IANA) functions to the global multistakeholder community. It is composed of three distinct proposals, from the three communities directly affected by the transition: the domain names community, the numbering resources community (mainly the Internet Regional Registries responsible for the regional allocation and management of IP addresses), and the protocol parameters community (represented by the Internet Engineering Task Force (IETF) and the Internet Architecture Board (IAB)).

The accountability proposal outlines a series of recommendations aimed to make ICANN more accountable to the global Internet community. It is complementary to the proposal on the transition of the stewardship of the Internet Assigned Numbers Authority (IANA) functions from the U.S. Commerce Department’s National Telecommunications and Information Administration to the global multistakeholder community.

The guide is intended to provide an introduction into IP addresses, explaining things such as: what an IP address is; the history of IPv4 and IPv6; the distribution of IP addresses; the policy development processes for the allocation of IP addresses, etc.

A collection of statistics for Internet number resources in the AFRINIC region. It includes IPv4 and IPv6-related stats.

Processes

Click on the ( + ) sign to expand each day.

IGF 2015 Report

In relation to the deployment of IPv6, further discussions on the persistent problem of the depletion of IPv4 numbers took place during the Best Practices Forum (BPF) on Creating an Enabling Environment for IPv6 Adoption. Although the pool of IPv4 is running out at an alarming rate, the panel agreed that the deployment of IPv6 is happening, albeit at its own pace. It was predicted that next year’s BPF will most likely focus on the economic aspects of IPv6 deployment.

The GIP Digital Watch observatory is provided by

in partnership with

and members of the GIP Steering Committee

GIP Digital Watch is operated by

GIP Digital Watch

Submit Content

The GIP Digital Watch observatory reflects on a wide variety of themes and actors involved in global digital policy and Internet governance. We welcome information and documents from your organisations. Submitted content will be reviewed and published by our team of knowledge curators.
You can submit your content at digitalwatch@diplomacy.edu